Holiday Scams and Tips to Avoid Being Caught in a Fraudulent Scheme

Fraud schemes are hardly limited to the holidays, but they tend to spike during this high-spending and stressful time of the year. Mutual Credit Union would like to help arm you, our members with information on the fraud practices you may encounter and how to avoid becoming a victim.
Technology has created many more options for you to access accounts and make purchases, fraud too has opened up more sophisticated avenues. But it is always good to be reminded of the basics: to continue to be skeptical about calls, texts, and emails. Here is a refresher of several important fraud methods you might see:

Brute Force schemes are attempts to crack a password or username, find a hidden web page, or find the key used to encrypt a message using a trial-and-error approach to guess correctly. This is an old attack method, but it’s still effective and popular with hackers.

Skimming is perpetrated by using electronic devices to secretly scan and store credit and debit card numbers and PINs. ATMs and some unattended terminals, such as gas stations, are targets for this practice. This information can then be sold to fraudsters or used to commit theft directly. Fraudsters can use the numbers to make online purchases or to create fake cards for in-store transactions.

Phishing is the fraudulent practice of sending emails claiming to be from reputable companies in order to make you reveal personal information, such as passwords and credit card numbers.

SMiShing (SMS phishing) is the act of attempting to acquire personal information such as passwords and details by masquerading as a trustworthy entity through SMS text messages on cell phones. SMiShing messages may come from telephone numbers that are in a strange or unexpected format with links directing to fake websites.
A typical SMiShing occurrence can begin with a you receiving a text message inquiring about a suspicious transaction on an account. In reality, the fraudster is looking to obtain other information from you such as debit/credit card numbers, CV2 codes, expiration dates, PINs and other web login credentials. Please note that legitimate SMS text messages from Mutual CU will NEVER include:

• Requests for cardholder’s data, such as card numbers, PINs, CV2 Codes, or Expiration Dates
• Vague reference of a “merchant” transaction; details should be included
• Hyperlinks to unknown websites
• Phone numbers as hyperlinks

Vishing is the telephone equivalent of phishing. It is described as the act of using the telephone to scam you into surrendering private information that will be used for fraudulent purchases or identity theft.

Some holiday scams your cardholders may see:

Seasonal Travel Scams

• Beware of deals that are too good to be true
• You should always know who your travel is being booked through

Holiday Charity Scams

• A legitimate charity will welcome donations whenever the cardholder chooses to make it. Fraudsters will pressure them to make it immediately.
• Don’t make any donation with a gift card or wire transfer.

Fraud Fighting Services at Mutual Credit Union:

  • Enroll in two-factor authentication to login to online banking
  • All members are enrolled in Text (SMS) notifications for any fraudulent activity that is detected on debit or credit cards
  • Enrolling in CreditSense will alert you to any changes on your credit report
  • Setting up SAMCards Manager allows you to set alerts for places, dollar amounts, regions and to turn your cards on or off

Visit for any additional information you may need for any of these services.




Leave a Reply